This has been quite a problem for us. We end using the maven-enforcer-plugin to globally ban "deprecated" dependencies or group ids. An example is quartz. Quartz's group id used to be "quartz", then was changed to "opensymphony" and again was changed to "org.opensymphony.quartz" and is currently "org.quartz-scheduler". Using an old dependency because a group id/artifact id is just one problem. An even more hideous problem is when maven resolves multiples of the same artifact because an artifact's group id has changed. The old groupid & new groupid may be both be transitive dependencies. Along with deprecation, maven should have some concept of synonym dependencies where maven wont think that renames are completely different things. Also, it would be good if the central repository could set forth some rules about uploading artifacts that depend on deprecated artifacts - possibly not allowing it, or at least discouraging it.
Here is a small snippet from our enforcer configuration that highlights the problem:
<!-- renamed (decrecated) groupids -->
Synonym dependencies could be taken a step further where multiple implementations exist for the same api. Think genronimo servlet versus javax.servlet or commons-logging versus jcl-over-slf4j. If maven had a way to track synonym dependencies then at the very least spit out warnings like: Warning: javax.servlet:servlet-api:2.5:jar and org.apache.geronimo.specs:geronimo-servlet_2.5_spec:1.2:jar are both found at compile scope but only one is needed.